Aggregator

82% of organizations already use AI agents, but only 44% of organizations report having policies in place to secure them, according to SailPoint. While 53% are in the process of developing such policies, the reality is that most remain exposed today. AI agents pose security risks for organizations 96% of technology professionals consider AI agents a growing risk, even as 98% of organizations plan to expand their use of them within the next year. The … More →

The post AI agents have access to key data across the enterprise appeared first on Help Net Security.

As ransomware gangs, state-sponsored hackers, and AI-powered malware operators intensify their campaigns, organizations worldwide are racing to implement actionable threat intelligence frameworks that transform raw data into preemptive defense mechanisms. The global threat intelligence market, projected to reach $26.19 billion by 2029, reflects this strategic shift as businesses move beyond reactive security measures to intelligence-driven […]

The post Actionable Threat Intelligence for Mitigating Emerging Cyber Threats appeared first on Cyber Security News.

Microsoft is ending support for Exchange Server 2016, Exchange Server 2019, and Outlook 2016 on October 14, 2025. That date might seem far off, but if you’re managing email systems or Office deployments, it’s worth paying attention to now. These products will keep working past that deadline, but without security updates or tech support, they’ll be risky to keep in production. What’s ending and when? The key date to remember is October 14, 2025. On … More →

The post Exchange 2016, 2019 support ends soon: What IT should do to stay secure appeared first on Help Net Security.

去中心化交易所Cetus Protocol宣布，黑客窃取了2.23亿美元的加密货币。同时，Cetus Protocol提出了协议，表示如果资金被归还，将停止一切法律行动。该项目还宣布悬赏500万美元，奖励任何提供相关信息的人，以帮助识别和逮捕攻击者。

Cetus Protocol是在Sui和Aptos区块链上运行的去中心化交换（DEX）和流动性协议。它采用集中流动性做市商（CLMM）模型，允许流动性提供者在特定价格范围内配置资产，提高资本效率并实现先进的交易策略。

Cetus Protocol的总交易量为570亿美元（截至2025年5月），超过1500万个账户在平台上执行了1.44亿笔交易。该事件发生后，促使Cetus Protocol暂停其智能合约进行调查。不久后，该项目证实被盗，并表示“1.62亿美元的被盗资金已被成功冻结。”

在随后的一份声明中，Cetus Protocol宣布黑客利用了一个易受攻击的软件包，但没有透露细节。

Cetus Protocol表示：“我们确定了漏洞的根本原因，修复了相关软件包，并在生态系统成员的帮助下尽快通知生态系统建设者，以防止其他团队受到影响。”

此外，该平台指出，它已经确定了攻击者的以太坊钱包地址和账户，并正在与第三方合作追踪和冻结资金。执法部门也已得到通知。

Cetus Protocol还向黑客提供了“一份时间敏感的白帽和解协议”，承诺如果资金被退还，将不会采取法律行动。为了给攻击者施加更大的压力，该项目宣布悬赏500万美元，以获取有助于识别和逮捕黑客的信息。与此同时，在验证者进行紧急投票后，一笔1.62亿美元的交易被暂停。

区块链分析公司Elliptic根据其对该事件的可见性发布了一份报告，指出自动做市商（AMM）逻辑存在漏洞，可能涉及池价操纵，从而实现闪贷式攻击。

区块链情报公司还概述了攻击者的资金转移尝试，包括从USDT到USDC的交换以及从Suit到以太坊的跨链转移。

Cetus Protocol黑客事务概述

目前，Elliptic正在积极追踪从Sui上的最初攻击到攻击者在Ethereum上的钱包的所有交易，并且在所有主要交易所和虚拟资产服务提供商上标记了黑客的地址，以防止其洗钱或转移企图。

Here’s a look at the most interesting products from the past month, featuring releases from: Anchore, BalkanID, Cyble, groundcover, Hunted Labs, LogicGate, McAfee, Obsidian Security, Outpost24, PentestPad, ProcessUnity, Resecurity, Searchlight Cyber, SecuX, ServiceNow, ThreatMark, and Verosint. New MCP server from groundcover redefines LLM observability A new MCP server, faster than any other on the market, has been launched from groundcover, the eBPF-driven observability platform. Developers can now enhance their AI-driven workflows with deep system context, … More →

The post Infosec products of the month: May 2025 appeared first on Help Net Security.

As cyber threats grow in complexity and volume, Security Operations Centers (SOCs) increasingly leverage threat intelligence to transform their defensive strategies from reactive to proactive. Integrating Cyber Threat Intelligence (CTI) into SOC workflows has become critical for organizations that aim to anticipate attacks, prioritize alerts, and respond precisely to incidents. This shift is driven by […]

The post Integrating Threat Intelligence into Security Operations Centers appeared first on Cyber Security News.